From db60e09aecba85ed5429c5d0d9d004b5428ab045 Mon Sep 17 00:00:00 2001
From: Katherine Chen <katherine.chen@thetradedesk.com>
Date: Tue, 28 Jan 2025 10:42:19 +1100
Subject: [PATCH 1/6] Add temporary debug info

---
 .../com/uid2/shared/secure/AzureCCCoreAttestationService.java    | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/main/java/com/uid2/shared/secure/AzureCCCoreAttestationService.java b/src/main/java/com/uid2/shared/secure/AzureCCCoreAttestationService.java
index ae44ef79..08853fbf 100644
--- a/src/main/java/com/uid2/shared/secure/AzureCCCoreAttestationService.java
+++ b/src/main/java/com/uid2/shared/secure/AzureCCCoreAttestationService.java
@@ -46,6 +46,7 @@ public void attest(byte[] attestationRequest, byte[] publicKey, Handler<AsyncRes
             log.debug("Validating policy...");
             var encodedPublicKey = Utils.toBase64String(publicKey);
 
+            log.info("Kat debug attestation...tokenPayload: ", tokenPayload);
             var enclaveId = policyValidator.validate(tokenPayload, encodedPublicKey);
 
             if (allowedEnclaveIds.contains(enclaveId)) {

From ea065d8cb24220f29a4e4924a493eed8a62104be Mon Sep 17 00:00:00 2001
From: Katherine Chen <katherine.chen@thetradedesk.com>
Date: Tue, 28 Jan 2025 13:01:58 +1100
Subject: [PATCH 2/6] Add debug info and disable attest for core url

---
 .../com/uid2/shared/secure/AzureCCCoreAttestationService.java  | 3 ++-
 .../java/com/uid2/shared/secure/azurecc/PolicyValidator.java   | 3 ++-
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/src/main/java/com/uid2/shared/secure/AzureCCCoreAttestationService.java b/src/main/java/com/uid2/shared/secure/AzureCCCoreAttestationService.java
index 08853fbf..26f77221 100644
--- a/src/main/java/com/uid2/shared/secure/AzureCCCoreAttestationService.java
+++ b/src/main/java/com/uid2/shared/secure/AzureCCCoreAttestationService.java
@@ -46,7 +46,8 @@ public void attest(byte[] attestationRequest, byte[] publicKey, Handler<AsyncRes
             log.debug("Validating policy...");
             var encodedPublicKey = Utils.toBase64String(publicKey);
 
-            log.info("Kat debug attestation...tokenPayload: ", tokenPayload);
+            log.info("Kat debug attestation...tokenPayload: ");
+            log.info(tokenString);
             var enclaveId = policyValidator.validate(tokenPayload, encodedPublicKey);
 
             if (allowedEnclaveIds.contains(enclaveId)) {
diff --git a/src/main/java/com/uid2/shared/secure/azurecc/PolicyValidator.java b/src/main/java/com/uid2/shared/secure/azurecc/PolicyValidator.java
index 9659ec93..f629964e 100644
--- a/src/main/java/com/uid2/shared/secure/azurecc/PolicyValidator.java
+++ b/src/main/java/com/uid2/shared/secure/azurecc/PolicyValidator.java
@@ -43,7 +43,8 @@ private void verifyAttestationUrl(MaaTokenPayload maaTokenPayload) throws Attest
         if (decodedRuntimeAttestationUrl == null) {
             return;
         } else if (!UrlEquivalenceValidator.areUrlsEquivalent(decodedRuntimeAttestationUrl, this.attestationUrl)) {
-            throw new AttestationClientException("The given attestation URL is unknown. Given URL: " + decodedRuntimeAttestationUrl, AttestationFailure.UNKNOWN_ATTESTATION_URL);
+            // throw new AttestationClientException("The given attestation URL is unknown. Given URL: " + decodedRuntimeAttestationUrl, AttestationFailure.UNKNOWN_ATTESTATION_URL);
+            return;
         }
     }
 

From ca94655b7eb3f190bfd7c1e7bc9a66e6d031f029 Mon Sep 17 00:00:00 2001
From: Katherine Chen <katherine.chen@thetradedesk.com>
Date: Tue, 28 Jan 2025 13:09:56 +1100
Subject: [PATCH 3/6] Comment out related tests

---
 .../secure/azurecc/PolicyValidatorTest.java    | 18 +++++++++---------
 1 file changed, 9 insertions(+), 9 deletions(-)

diff --git a/src/test/java/com/uid2/shared/secure/azurecc/PolicyValidatorTest.java b/src/test/java/com/uid2/shared/secure/azurecc/PolicyValidatorTest.java
index 59c3630b..a11cfdca 100644
--- a/src/test/java/com/uid2/shared/secure/azurecc/PolicyValidatorTest.java
+++ b/src/test/java/com/uid2/shared/secure/azurecc/PolicyValidatorTest.java
@@ -116,13 +116,13 @@ public void testValidationSuccess_SameAttestationUrl() throws AttestationExcepti
         assertEquals(CCE_POLICY_DIGEST, enclaveId);
     }
 
-    @Test
-    public void testValidationFailure_DifferentAttestationUrl() {
-        var validator = new PolicyValidator("https://someother.uidapi.com");
-        var payload = generateBasicPayload();
-        Throwable t = assertThrows(AttestationException.class, ()-> validator.validate(payload, PUBLIC_KEY));
-        assertEquals("The given attestation URL is unknown. Given URL: " + ATTESTATION_URL, t.getMessage());
-        assertEquals(AttestationFailure.UNKNOWN_ATTESTATION_URL, ((AttestationClientException)t).getAttestationFailure());
-
-    }
+//    @Test
+//    public void testValidationFailure_DifferentAttestationUrl() {
+//        var validator = new PolicyValidator("https://someother.uidapi.com");
+//        var payload = generateBasicPayload();
+//        Throwable t = assertThrows(AttestationException.class, ()-> validator.validate(payload, PUBLIC_KEY));
+//        assertEquals("The given attestation URL is unknown. Given URL: " + ATTESTATION_URL, t.getMessage());
+//        assertEquals(AttestationFailure.UNKNOWN_ATTESTATION_URL, ((AttestationClientException)t).getAttestationFailure());
+//
+//    }
 }

From 9bf55d39b58f5355cd057609e3ed2a37888cdc5a Mon Sep 17 00:00:00 2001
From: Katherine Chen <katherine.chen@thetradedesk.com>
Date: Tue, 28 Jan 2025 13:19:25 +1100
Subject: [PATCH 4/6] Print out tokenPayload

---
 .../uid2/shared/secure/AzureCCCoreAttestationService.java   | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/src/main/java/com/uid2/shared/secure/AzureCCCoreAttestationService.java b/src/main/java/com/uid2/shared/secure/AzureCCCoreAttestationService.java
index 26f77221..2be27ac8 100644
--- a/src/main/java/com/uid2/shared/secure/AzureCCCoreAttestationService.java
+++ b/src/main/java/com/uid2/shared/secure/AzureCCCoreAttestationService.java
@@ -46,8 +46,10 @@ public void attest(byte[] attestationRequest, byte[] publicKey, Handler<AsyncRes
             log.debug("Validating policy...");
             var encodedPublicKey = Utils.toBase64String(publicKey);
 
-            log.info("Kat debug attestation...tokenPayload: ");
-            log.info(tokenString);
+            if (tokenPayload != null) {
+                log.info("Kat debug attestation...tokenPayload: ");
+                log.info(tokenPayload.toString());
+            }
             var enclaveId = policyValidator.validate(tokenPayload, encodedPublicKey);
 
             if (allowedEnclaveIds.contains(enclaveId)) {

From 6d5f98bd801448955cfbb7e0ac53c4a52c25a8b6 Mon Sep 17 00:00:00 2001
From: Katherine Chen <katherine.chen@thetradedesk.com>
Date: Tue, 28 Jan 2025 13:36:17 +1100
Subject: [PATCH 5/6] Allow kata compliance

---
 .../java/com/uid2/shared/secure/azurecc/MaaTokenPayload.java    | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/main/java/com/uid2/shared/secure/azurecc/MaaTokenPayload.java b/src/main/java/com/uid2/shared/secure/azurecc/MaaTokenPayload.java
index a4eceaa3..2c898f87 100644
--- a/src/main/java/com/uid2/shared/secure/azurecc/MaaTokenPayload.java
+++ b/src/main/java/com/uid2/shared/secure/azurecc/MaaTokenPayload.java
@@ -21,6 +21,6 @@ public boolean isSevSnpVM(){
     }
 
     public boolean isUtilityVMCompliant(){
-        return AZURE_COMPLIANT_UVM.equalsIgnoreCase(complianceStatus);
+        return AZURE_COMPLIANT_UVM.equalsIgnoreCase(complianceStatus) || "azure-signed-katacc-uvm".equalsIgnoreCase(complianceStatus);
     }
 }

From 63feab1c8367efba43c36047253873108d60d4b1 Mon Sep 17 00:00:00 2001
From: Release Workflow <unifiedid-admin+release@thetradedesk.com>
Date: Tue, 28 Jan 2025 02:39:02 +0000
Subject: [PATCH 6/6] [CI Pipeline] Released Snapshot version:
 8.0.33-alpha-188-SNAPSHOT

---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index eeb5e064..b65de4f1 100644
--- a/pom.xml
+++ b/pom.xml
@@ -5,7 +5,7 @@
 
     <groupId>com.uid2</groupId>
     <artifactId>uid2-shared</artifactId>
-    <version>8.0.32</version>
+    <version>8.0.33-alpha-188-SNAPSHOT</version>
     <name>${project.groupId}:${project.artifactId}</name>
     <description>Library for all the shared uid2 operations</description>
     <url>https://github.com/IABTechLab/uid2docs</url>